,

ISBN:, Edition: ,

Price: -

Table of Contents

Cisco Network Security Little Black Book ~ 1

Introduction ~ 4
Is this Book for You? ~ 4
How to Use this Book ~ 4
The Little Black Book Philosophy ~ 6

Chapter 1: Securing the Infrastructure ~ 7
In Brief ~ 7
Enterprise Security Problems ~ 7
Types of Threats ~ 8
Enterprise Security Challenges ~ 8
Enterprise Security Policy ~ 9
Securing the Enterprise ~ 10
Immediate Solutions ~ 14
Configuring Console Security ~ 14
Configuring Telnet Security ~ 16
Configuring Enable Mode Security ~ 17
Disabling Password Recovery ~ 18
Configuring Privilege Levels for Users ~ 20
Configuring Password Encryption ~ 21
Configuring Banner Messages ~ 22
Configuring SNMP Security ~ 24
Configuring RIP Authentication ~ 25
Configuring EIGRP Authentication ~ 27
Configuring OSPF Authentication ~ 31
Configuring Route Filters ~ 35
Suppressing Route Advertisements ~ 40

Chapter 2: AAA Security Technologies ~ 43
In Brief ~ 43
Access Control Security ~ 43
AAA Protocols ~ 48
Cisco Secure Access Control Server ~ 53
Immediate Solutions ~ 56
Configuring TACACS+ Globally ~ 56
Configuring TACACS+ Individually ~ 58
Configuring RADIUS Globally ~ 61
Configuring RADIUS Individually ~ 62
Configuring Authentication ~ 64
Configuring Authorization ~ 72
Configuring Accounting ~ 75
Installing and Configuring Cisco Secure NT ~ 78

Chapter 3: Perimeter Router Security ~ 85
In Brief ~ 85
Defining Networks ~ 85
Cisco Express Forwarding ~ 86
Unicast Reverse Path Forwarding ~ 87
TCP Intercept ~ 87
Network Address Translation ~ 89
Committed Access Rate ~ 90
Logging ~ 92
Immediate Solutions ~ 93
Configuring Cisco Express Forwarding ~ 93
Configuring Unicast Reverse Path Forwarding ~ 95
Configuring TCP Intercept ~ 98
Configuring Network Address Translation (NAT) ~ 103
Configuring Committed Access Rate (CAR) ~ 116
Configuring Logging ~ 119

Chapter 4: IOS Firewall Feature Set ~ 123
In Brief ~ 123
Context-Based Access Control ~ 123
Port Application Mapping ~ 127
IOS Firewall Intrusion Detection ~ 129
Immediate Solutions ~ 131
Configuring Context-Based Access Control ~ 131
Configuring Port Application Mapping ~ 143
Configuring IOS Firewall Intrusion Detection ~ 149

Chapter 5: Cisco Encryption Technology ~ 156
In Brief ~ 156
Cryptography ~ 156
Benefits of Encryption ~ 160
Symmetric and Asymmetric Key Encryption ~ 160
Digital Signature Standard ~ 166
Cisco Encryption Technology Overview ~ 167
Immediate Solutions ~ 168
Configuring Cisco Encryption Technology ~ 168

Chapter 6: Internet Protocol Security ~ 189
In Brief ~ 189
IPSec Packet Types ~ 190
IPSec Modes of Operation ~ 191
Key Management ~ 193
Encryption ~ 196
IPSec Implementations ~ 197
Immediate Solutions ~ 197
Configuring IPSec Using Pre-Shared Keys ~ 198
Configuring IPSec Using Manual Keys ~ 214
Configuring Tunnel EndPoint Discovery ~ 224

Chapter 7: Additional Access List Features ~ 231
In Brief ~ 231
Wildcard Masks ~ 233
Standard Access Lists ~ 234
Extended Access Lists ~ 234
Reflexive Access Lists ~ 235
Dynamic Access Lists ~ 236
Additional Access List Features ~ 238
Immediate Solutions ~ 239
Configuring Standard IP Access Lists ~ 239
Configuring Extended IP Access Lists ~ 242
Configuring Extended TCP Access Lists ~ 247
Configuring Named Access Lists ~ 250
Configuring Commented Access Lists ~ 252
Configuring Dynamic Access Lists ~ 254
Configuring Reflexive Access Lists ~ 260
Configuring Time-Based Access Lists ~ 263

Appendix A: IOS Firewall IDS Signature List ~ 266

Appendix B: Securing Ethernet Switches ~ 272
Configuring Management Access ~ 272
Configuring Port Security ~ 273
Configuring Permit Lists ~ 275
Configuring AAA Support ~ 276

List of Figures ~ 281

List of Tables ~ 283

List of Listings ~ 284